Banking Malware MMRat Uses Protobuf Data Serialization Method To Steal Data

A new Android banking malware, MMRat, employs an uncommon method of communication—protobuf data serialization—to efficiently steal data from compromised devices. Discovered by Trend Micro in June 2023, MMRat targets Southeast Asian users and evades antivirus scans on platforms like VirusTotal. It spreads through deceptive websites posing as official app stores, with malicious apps mimicking government or dating apps. Once downloaded, the malware exploits Android's Accessibility service to gain permissions, enabling a wide array of malicious activities. Read more...